cost/benefit of some src.conf options
Chris
bsd-lists at bsdforge.com
Fri Mar 26 21:35:00 UTC 2021
On 2021-03-26 12:17, Andrea Venturoli wrote:
> On 3/26/21 7:46 PM, Dimitry Andric wrote:
>
>> That said, the retpoline mechanisms tend to be fairly well tested by
>> now, but will still have a non-negligible performance impact, maybe even
>> a large impact, depending on your workload. There is no simple answer
>> here, you will have to measure it for yourself.
>
> AFAIK:
> _ RETpoline is an alternative to IBRS;
> _ the impact of RETpoline should be lower than IBRS;
> _ IBRS is enabled by default.
>
> Did I get it wrong?
My understanding is that retpoline is really only of interest if your box
might
accessed *locally* by *untrusted* individuals. See:
https://nvd.nist.gov/vuln/detail/CVE-2017-5715
--Chris
>
> So, unless someone is willing to disable IBRS and live without mitigation,
> it
> would be interesting to know how performance differs between the two.
> I've seen IBRS's impact on bhyve-hosted Windows guests reach 15%-20%.
> I've never tried RETpoline for the lack of information WRT to its stability:
> I
> guess "fairly well tested" does not mean "production ready", or it would be
> enabled by default, wouldn't it? :)
> _______________________________________________
> freebsd-hackers at freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-hackers
> To unsubscribe, send any mail to "freebsd-hackers-unsubscribe at freebsd.org"
More information about the freebsd-hackers
mailing list